start:mogon_cluster:access_from_outside_windows

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
start:mogon_cluster:access_from_outside_windows [2020/07/10 12:13]
jrutte02
start:mogon_cluster:access_from_outside_windows [2021/07/08 18:02]
meesters [using Windows] PuTTY behind PowerShell (lexicographically correct and hopefully less trouble)
Line 1: Line 1:
-==== Access MOGON from outside of the university network using Windows ==== +<grid
- +<col xs="12sm="12md="12lg="6">
-<tabs> +
-  * [[#tab-putty|Using PuTTY]] +
-  * [[#tab-mobaxterm|Using MobaXterm]] +
- +
-<pane id="tab-putty"+
-==== Using PuTTY ==== +
- +
-Download [[http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html|PuTTY]] (preferrably use the MSI installer package((because in addition to the plain ''putty.exe'' you will most definitely need ''plink.exe'' for proxy connection, ''puttygen.exe'' for  key generation and ''pageant.exe'' for key-based authentication))) and install it on your computer. The following steps will show you how to configure the PuTTY terminal. +
- +
- +
-^ Download putty and install ^ +
-| {{ ::putty_directory.png?direct&512 |}} | +
- +
- +
-==== Access to MOGON I - Password Authentication ==== +
- +
- +
-Before being able to transparently proxy your connection to ''mogon'' through the ''mogon-login'' host, you need to connect to the host manually once and accept the SSH host key. So first open Putty and enter ''mogon-login.zdv.uni-mainz.de'' in the Host Name field and use the Port ''22022''. When Putty prompts you for host key validation, accept it. Then close the window again. +
- +
-^ Accepting the host key for ''mogon-login'' ^^^ +
-| {{ ::putty_login.png?direct&320 |}} | {{ ::putty_login_host_key.png?direct&320|}} | {{ ::putty_login_close.png?direct&320|}} | +
- +
-  * Start a new Putty Session. On the left side, select the category "Connection"+
-  * Click on "Data" and type in your username. +
-  * Now choose the category "Proxy" and set the Proxy type to local. +
-  * Change the Proxy Hostname and Port to ''mogon-login.zdv.uni-mainz.de'' and ''22022''+
-  * Type in your MOGON username again and also enter your password((You really need to store the password in this dialog. If you are security-aware and are hesitant to store your password, use the key-based authentication method.)). +
-  * Enter ''plink.exe -nc %host:%port  -l %user -pw %pass -P %proxyport %proxyhost'' as the local proxy command. +
-  * On the "Session" page, select the connection type SSH, enter ''<username>@mogon.zdv.uni-mainz.de'' in the Host Name field and use the Port ''22''.\\ +
-  * Finally, choose a name for the Session (e.g. ''mogon.zdv.uni-mainz.de'') and save the session profile for further use.\\ +
-When you now click on "Open", you connect directly to one of the MogonI login nodes. You might have to accept another host key for them, but that's fine. +
- +
-^ Example configuration with the username ''schlarbm'' ^^^ +
-| {{ ::putty_data.png?direct&320 |}} | {{ ::putty_proxy.png?direct&320 |}} | {{ ::putty_save_session.png?direct&320 |}} | +
- +
-==== Access to MOGON II - RSA Authentication ==== +
- +
-Authentication on MogonII is done via a RSA key pair. +
- +
-If **you don't have a RSA key** saved in a directory on your computer, doubleclick ''puttygen.exe'', generate your key and save it into your favourite directory on your computer. +
- +
-If **you already have a RSA key** saved in a directory on your computer proceed as follows: +
- +
-**First step** is to deploy your RSA public key on the ''mogon-login''-host. ''mogon-login''-host is part of the demilitarized zone that allows access to MOGON I/MOGON II cluster from outside the university network. +
-  * Before being able to transparently proxy your connection to ''MogonII'' through the ''mogon-login'' host, you need to connect to the host manually once and accept the SSH host key. +
-  * Open Putty, enter ''mogon-login.zdv.uni-mainz.de'' in the Host Name field, use the Port ''22022'' and click ''Open''. When Putty prompts you for host key validation, accept it. +
-  * Authenticate yourself with your <zdv_account> and your password. +
-  * Deploy your public key on mogon-login host in <code bash>~/.ssh/authorized_keys</code> +
- +
-^ Accepting the host key for ''mogon-login'' ^^ +
-| {{ ::putty_login.png?direct&512 |}} | {{ ::putty_login_host_key.png?direct&512|}} | +
- +
-^ Copy your public key from .ppk-file^^ +
-| {{ ::open_my_private_key.png?direct&512 |}} | {{ ::copy_public_key.png?direct&512 |}} | +
- +
-^ paste with Shift+Insert^^ +
-| {{ ::mogon_login_vim_aut.png?direct&512 |}} | {{ ::mogonII_authorized_keys.png?direct&512 |}} | +
- +
-**Second step** is to deploy your RSA public key on the ''mogon''-host. The ''mogon''-host is a reference to the actual MogonI-login-nodes that allocate resources from the compute-nodes of MOGON I. +
- +
-  * Deploy your public key on MOGON I. Because your home directory is the same on MOGON I and MOGON II clusters, it is sufficient to deploy your public key on either one of them. Because MOGON II only allows access with RSA authentication, you [[#access_to_mogon_i_-_password_authentication | access MOGON I via password authentication]], **deploy your public key again** in <code bash>~/.ssh/authorized_keys</code> and close the connection again. +
- +
- +
-**Third step** is to open the ssh-connection to MOGON II with RSA authentication. +
-  * Start ''pageant.exe'' and load your RSA key. +
- +
-^ Load RSA key in SSH authentication agent for PuTTY, PSCP, PSFTP, and Plink ^^ +
-| {{ ::pageant_view_keys.png?direct&512 |}} | {{ ::pageant_add_key.png?direct&512 |}} | +
-| {{ ::pageant_select_private_key.png?direct&512 |}} | {{ ::pageant_enter_pw.png?direct&512 |}} | +
- +
-  * Start ''putty.exe'' and load default settings. +
-  * Go to //Connection->SSH->Auth// and choose //"Allow agent forwarding"// +
-  * Go to //Connection->Proxy// and set the Proxy type to local. Change the Proxy Hostname and Port to ''mogon-login.zdv.uni-mainz.de'' and ''22022''. Type in your MOGON username. Enter ''plink.exe -A -agent -nc %host:%port -l %user -P %proxyport %proxyhost'' as the local proxy command +
-  * Go to //Connection->Data// and enter <your_username> again as //"Auto-login username"// +
-  * Go to //Session//, select the connection type SSH, enter ''<username>@miil01.zdv.uni-mainz.de'' in the Host Name field and use the Port ''22''+
- +
-  * Finally, choose a name for the Session (e.g. ''mogon2'') and save the session profile for further use. +
-When you now click on "Open", you connect directly to one of the MOGON II login nodes. You might have to accept another host key for them, but that's fine. +
- +
-^ Example configuration^^ +
-| {{ ::putty_auth_mII.png?direct&512 |}} | {{ ::putty_data_mII.png?direct&512 |}} | +
-| {{ ::putty_proxy_mII.png?direct&512 |}} | {{ ::putty_session.png?direct&512 |}} | +
- +
- +
-==== Access to MOGON I - RSA Authentication ==== +
- +
-The only difference in the connection to MOGON I via RSA authentication is the hostname. Follow exactly the same steps as for MOGON II but instead of ''miil02'', use ''mogon'' as hostname (the MOGON I Login-Node) in your configuration. +
-  * Replace the hostname <zdv_account>@miil02.zdv.uni-mainz.de with <zdv_account>@mogon.zdv.uni-mainz.de. +
- +
-==== X11 Forwarding ==== +
- +
-To enable X11 forwarding click on "X11in the "SSH" subcategory, and click on the "Enable X11 forwarding" option. Make sure that the remote X11 authentication protocol is set to "MIT-Magic-Cookie-1"+
- +
-Be sure to add ''-X'' to the local Proxy command line. +
- +
-X11 forwarding requires either X-Win32 or [[http://www.zdv.uni-mainz.de/4534.php|Xming]] to be installed on your computer. +
- +
-==== Copying files from/to Mogon ==== +
- +
-The most recommended way to access the filesystem on Mogon is using **[[filesystems#ftp|FTPS]]**, as described on that page. +
- +
-If you //must// use WinSCP, configure it according to these screenshots (the Proxy configuration from PuTTY does not seem to work): +
- +
-^ Example configuration with the username ''schlarbm'' ^^ +
-| {{ ::winscp1.png?direct&512 |}} | {{ ::winscp2.png?direct&512 |}} | +
-| {{ ::winscp3.png?direct&512 |}} | {{ ::winscp4.png?direct&512 |}} | +
-</pane> +
- +
-<pane id="tab-mobaxterm"> +
-==== Using MobaXterm ==== +
- +
-For this article we have used ''MobaXterm Home Edition v20.2 (Portable edition)''. Download ''MobaXterm'' first if you have not already done so. +
- +
-Start the application abd click on the ''Session'' button to start a new session: +
- +
-{{ :start:mogon_cluster:mobaxterm_proxyjump_1.png?800 }} +
- +
-Choose ''SSH'' to create a new SSH session. The session you create is automatically saved: +
- +
-{{ :start:mogon_cluster:mobaxterm_proxyjump_2.png?800 }} +
- +
-Fill in the fileds ''Remote host'' and specify your ''Username''. Afterwards go to ''Advanced SSH setting'' and provide the path to your ''SSH-Key'' which is **already present on MOGON**: +
- +
-{{ :start:mogon_cluster:mobaxterm_proxyjump_3.png?800 }} +
- +
-Now click on the ''Network settings'' tab and activate ''Conenct through SSH gateway (jump host)'': +
- +
-{{ :start:mogon_cluster:mobaxterm_proxyjump_4.png?800 }} +
- +
-Use 'sshgate.zdv.uni-mainz.de' as the gateway ssh server and enter your ''Username''. Add the same ''private Key'' as before. The configuration is now complete and you can click on ''OK''. A windows will open and you will be asked for the passphrase for your SSH key. After you entered the passphrase correctly, the session starts automatically. +
- +
-== Using MobaXterm SSH agent == +
- +
-Start ''MobaXterm'' and click on ''Settings'': +
- +
-{{ :start:mogon_cluster:mobaxterm_settings_1.png?800 }} +
- +
-now go to the ''SSH'' tab and **deactivate** ''Forward SSH agents''. Add your SSH key by clicking the plus sign, you will be asked for your Passphrase. If your are finished click on ''OK'': +
- +
-{{ :start:mogon_cluster:mobaxterm_settings_2.png?800 }} +
- +
-You'll now be asked for the passphrase every time you start MobaXterm but can use your SSH keys in different sessions through the SSH agent without explicitly setting up the key. +
- +
-</pane> +
-</tabs> +
-~~NOTOC~~+
  
 +<jumbotron>
 +===== Accessing MOGON=====
 +==== using Windows ====
 +</jumbotron>
 +</col>
 +<col xs="12" sm="12" md="12" lg="6">
 +<list-group>
 +  * {{fa>external-link?fw&color=#000}} [[:start:mogon_cluster:access_from_outside_windows:using_mobaxterm|using MobaXterm]]
 +  * {{fa>terminal?fw&color=#000}} [[:start:mogon_cluster:access_from_outside_windows:using_powershell|using PowerShell]]
 +  * {{fa>tty?fw&color=#000}} [[:start:mogon_cluster:access_from_outside_windows:using_putty|using PuTTY]]  
 +  * {{fa>key?fw&color=#000}} [[:start:mogon_cluster:access_from_outside_windows:creating_sshkeys_on_windows|Creating SSH-Keys for MOGON on Windows]]
 +</list-group>
 +</col>
 +</grid>
  • start/mogon_cluster/access_from_outside_windows.txt
  • Last modified: 2021/07/08 18:02
  • by meesters